CVE-2004-0989

Priority
Description
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and
possibly other versions, may allow remote attackers to execute arbitrary
code via (1) a long FTP URL that is not properly handled by the
xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that
is not properly handled by the xmlNanoFTPScanProxy function, and other
overflows related to manipulation of DNS length values, including (3)
xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5)
xmlNanoHTTPConnectHost.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:34:44 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)